[Senate Report 117-223]
[From the U.S. Government Publishing Office]


                                                      Calendar No. 580
117th Congress      }                                    {      Report
                                 SENATE
 2d Session         }                                    {     117-223
_______________________________________________________________________

                                     



  STRENGTHENING AGENCY MANAGEMENT AND OVERSIGHT OF SOFTWARE ASSETS ACT

                               __________

                              R E P O R T

                                 of the

                   COMMITTEE ON HOMELAND SECURITY AND

                          GOVERNMENTAL AFFAIRS

                          UNITED STATES SENATE

                              to accompany

                                S. 4908

             TO IMPROVE THE VISIBILITY, ACCOUNTABILITY, AND
             OVERSIGHT OF AGENCY SOFTWARE ASSET MANAGEMENT
                   PRACTICES, AND FOR OTHER PURPOSES







[GRAPHIC(S) NOT AVAILABLE IN TIFF FORMAT]








 
                December 5, 2022.--Ordered to be printed   
                
                             _________
                              
                 U.S. GOVERNMENT PUBLISHING OFFICE
                 
39-010                   WASHINGTON : 2022
                
                
                
                
                
                
                
                
                
                
                
                
                
                
                
                
                
                
        COMMITTEE ON HOMELAND SECURITY AND GOVERNMENTAL AFFAIRS

                   GARY C. PETERS, Michigan, Chairman
THOMAS R. CARPER, Delaware           ROB PORTMAN, Ohio
MAGGIE HASSAN, New Hampshire         RON JOHNSON, Wisconsin
KYRSTEN SINEMA, Arizona              RAND PAUL, Kentucky
JACKY ROSEN, Nevada                  JAMES LANKFORD, Oklahoma
ALEX PADILLA, California             MITT ROMNEY, Utah
JON OSSOFF, Georgia                  RICK SCOTT, Florida
                                     JOSH HAWLEY, Missouri

                   David M. Weinberg, Staff Director
                    Zachary I. Schram, Chief Counsel
            Lena C. Chang, Director of Governmental Affairs
         Matthew T. Cornelius, Senior Professional Staff Member
                Pamela Thiessen, Minority Staff Director
            Sam J. Mulopulos, Minority Deputy Staff Director
       Jeremy H. Hayes, Minority Senior Professional Staff Member
                     Laura W. Kilbride, Chief Clerk


















                                                      Calendar No. 580
117th Congress      }                                    {      Report
                                 SENATE
 2d Session         }                                    {     117-223

======================================================================



 
  STRENGTHENING AGENCY MANAGEMENT AND OVERSIGHT OF SOFTWARE ASSETS ACT

                                _______
                                

                December 5, 2022.--Ordered to be printed

                                _______
                                

 Mr. Peters, from the Committee on Homeland Security and Governmental 
                    Affairs, submitted the following

                              R E P O R T

                         [To accompany S. 4908]

      [Including cost estimate of the Congressional Budget Office]

    The Committee on Homeland Security and Governmental 
Affairs, to which was referred the bill (S. 4908) to improve 
the visibility, accountability, and oversight of agency 
software asset management practices, and for other purposes, 
having considered the same, reports favorably thereon with an 
amendment, in the nature of a substitute, and recommends that 
the bill, as amended, do pass.

                                CONTENTS

                                                                     Page
  I. Purpose and Summary..............................................  1
 II. Background and Need for the Legislation..........................  2
III. Legislative History..............................................  3
 IV. Section-by-Section Analysis of the Bill, as Reported.............  3
  V. Evaluation of Regulatory Impact..................................  5
 VI. Congressional Budget Office Cost Estimate........................  5
VII. Changes in Existing Law Made by the Bill, as Reported............  7

                         I. PURPOSE AND SUMMARY

    S. 4908, Strengthening Agency Management and Oversight of 
Software Assets Act, seeks to reduce costs to taxpayers and 
improve agency cybersecurity. The bill requires agencies to 
conduct an independent, comprehensive assessment of their 
software licensing, deployment, acquisition, and true use 
capabilities. The bill also requires agencies, after submitting 
the findings of the comprehensive assessment to the agency 
head, Congress, and the Comptroller General, to establish a 
plan to streamline and consolidate agency licenses and to 
identify opportunities for the agency to adopt enterprise 
licenses, where feasible. Further, the bill requires the 
Director of the Office of Management and Budget (OMB) to 
publish a government-wide strategy for software modernization, 
using information provided to the Director through agency plans 
and comprehensive assessments. The bill also requires agencies 
to submit their plans in their annual budget submissions so 
that Congress can oversee the scope of each agency's plan and 
consider whether additional resources or authorities may be 
needed to help agencies achieve their software asset management 
goals.

              II. BACKGROUND AND NEED FOR THE LEGISLATION

    Billions of dollars are spent on software purchases, 
contract re-ups, and license modifications every year, and the 
current manner in which vendors sell (and agencies often 
purchase) software leaves agencies with incomplete information 
regarding what software assets have been purchased or are 
deployed on their networks. This information asymmetry impedes 
important agency oversight and software governance priorities. 
The Strengthening Agency Management and Oversight of Software 
Assets Act (SAMOSA, or ``Act'') requires comprehensive 
assessments of all agency software management contracts, 
including those through resellers or integrators, to provide 
Chief Information Officers (CIOs), Chief Financial Officers 
(CFOs), and Chief Acquisition Officers (CAOs) with a 
comprehensive, performance-based assessment of their software 
assets.
    SAMOSA builds on previous efforts by Congress to ensure 
agencies have adequate visibility into their software license 
inventories. In the 114th session, Congress passed the Making 
Electronic Government Accountable By Yielding Tangible 
Efficiencies Act of 2016 (MEGABYTE Act).\1\ The MEGABYTE Act 
required the OMB Director to issue a directive to agencies that 
would require each executive agency CIO to develop a 
comprehensive software licensing policy.\2\ Beyond the 
requirements in the MEGABYTE Act, CIOs, CFOs, and CAOs would 
benefit from greater visibility into the actual use, 
deployment, costs, and performance of all software assets in 
their environment. Therefore, the Act pushes agencies to 
conduct comprehensive assessments of all software purchased, 
deployed, or in use throughout their agency and then adopt 
enterprise-licensing agreements or otherwise streamline 
disparate agency procurements to improve visibility across all 
agency software assets. These steps will empower agency CIOs to 
make smarter decisions and drive greater value in their 
software contracts, thereby reducing costs, stopping 
unnecessary software waste, and improving performance of 
agencies' critical software assets.
---------------------------------------------------------------------------
    \1\Pub. L. No. 114-210 (2016).
    \2\House Committee on Oversight and Government Reform, MEGABYTE Act 
of 2016 at 2 (May 23, 2016) (H. Rept. 114-587).
---------------------------------------------------------------------------
    Finally, SAMOSA recognizes that improving interagency 
collaboration can help consolidate software purchasing 
government-wide, which will significantly reduce unnecessary 
spending and enhance interoperability of the government's most 
robust and widely used software. Therefore, the Act requires 
OMB to develop a strategy, based on the findings of the 
comprehensive assessments and agency developed plans, to drive 
greater efficiencies on critical software asset management 
goals across all agencies.
    An independent analysis from Homeland Security and 
Governmental Affairs Committee staff concluded that agency 
compliance with the MEGABYTE Act saved taxpayers over $450 
million over the past several years.\3\ Because of the way 
software is variably offered, sold, packaged, and distributed 
across agency information technology (IT) investments, the 
government is projected to spend more than $100 billion on IT 
in FY2023.\4\ Conservatively estimating that software makes up 
30% of that spend, per year,\5\ and assuming that improved 
software licensing negotiations, informed by the comprehensive 
assessments required by agencies under this Act, would lead to 
a 15% reduction in costs, taxpayers could expect to see up to 
$5 billion in costs savings annually over the life of this 
Act.\6\ That number is likely to increase if government-wide 
purchasing agreements are leveraged by OMB based on the 
government-wide strategy this Act requires.
---------------------------------------------------------------------------
    \3\See Senator Gary Peters: Peters Convenes Hearing to Examine 
Efforts to Modernize Federal Procurement Process and Encourage 
Innovation in How Government Purchases Goods and Services (May 12, 
2022) (https://www.hsgac.senate.gov/media/in-case-you-missed-it-law-
written-by-peters-saved-taxpayers-more-than-450-million-since-
2016?peek=QLI7yHybo43x%2BdVFixH5W4wB1uPVx6jyjgvooXLFhVNdO9vJ).
    \4\See Kyle Bernal, U.S. Government IT Spending Trends in 2022, 
ExecutiveBiz (blog) (June 13, 2022) (https://blog.executivebiz.com/
articles/u-s-government-it-spending-trends-in-2022/).
    \5\HSGAC Staff analyzed the information technology (IT) spend for 
various departments and agencies that are required to report their 
investments to the IT Dashboard. A statistically significant sample of 
agency IT spend data (at the cost pool level) indicates that software 
spend at various agencies is reported to be between 25-35% of overall 
spend (https://www.itdashboard.gov/agency-analysis).
    \6\See Patrick Gray, How you could save millions during software 
licensing renegotiations, TechRepublic (June 9, 2022) 
(www.techrepublic.com/article/save-with-software-licensing-
renegotiations/).
---------------------------------------------------------------------------

                        III. LEGISLATIVE HISTORY

    Senator Gary Peters (D-MI) introduced S. 4908 on September 
21, 2022 with Senator Bill Cassidy (R-LA) as co-sponsor. 
Senator Bill Hagerty (R-TN) joined as a cosponsor on September 
29, 2022. The bill was referred to the Senate Homeland Security 
and Governmental Affairs Committee.
    The Committee considered S. 4908 at a business meeting on 
September 28, 2022. During the meeting, a substitute amendment 
that made some technical changes and required that agencies' 
plans take into account the prevalence of software used across 
multiple agencies and how that information might help 
streamline software purchases was offered by Chairman Peters 
and adopted by voice vote en bloc as modified.
    The Committee ordered the bill reported favorably as 
amended by the modified Peters Substitute Amendment by voice 
vote en bloc. Senators Peters, Carper, Hassan, Sinema, Rosen, 
Padilla, Ossoff, Portman, Johnson, Paul, Lankford, Romney, 
Scott, and Hawley were present.

        IV. SECTION-BY-SECTION ANALYSIS OF THE BILL, AS REPORTED

Section 1. Short Title

    This Act may be cited as the Strengthening Agency 
Management and Oversight of Software Assets Act.

Section 2. Definitions

    This section provides definitions for ``Administrator,'' 
``Agency,'' ``Cloud Computing,'' ``Cloud Service Provider,'' 
``Comprehensive Assessment,'' ``Director,'' ``Plan,'' 
``Software Entitlement,'' and ``Software Inventory.''

Section 3. Software entitlement and inventory integrity

    Subsection (a) requires each agency, not later than one 
year after enactment, to conduct a comprehensive assessment of 
all software entitlements and software inventories of the 
agency (including specific requirements within the entitlements 
and inventories). Agency CIOs, CFOs, CAOs, and General Counsels 
are to work together to complete the comprehensive assessment.
    Subsection (b) allows for the agency to utilize contracts 
to support the work of the comprehensive assessment, provided 
that there is no conflict of interest for the firm supporting 
the assessment.
    Subsection (c) stipulates that the agency CIO shall, not 
later than one year after enactment, provide the findings of 
the comprehensive assessments to the agency head, the Director 
of OMB, the Administrator of General Services Administration 
(GSA), the Comptroller General, and the appropriate 
Congressional Committees.
    Subsection (d) allows for OMB and GSA to consult with 
agencies as they develop their comprehensive assessments and 
provide additional support, if requested by the agency.

Section 4. Enterprise licensing positions at agencies

    Subsection (a) requires the CIO, CFO, and CAO of each 
agency to use the findings of the comprehensive assessment to 
develop a plan to consolidate agency software licenses and, to 
the greatest extent practicable, adopt enterprise license 
agreements for certain categories of software vendors at the 
agency.
    Subsection (b) lays out some of the requirements that shall 
be included in the plan.
    Subsection (c) allows for the CIO of the agency to request 
the support of OMB or GSA to support the development of the 
plan.
    Subsection (d) requires the agency CIO to submit the plan 
to the OMB Director and to the appropriate Congressional 
Committees not later than 120 days after the completion of the 
comprehensive assessment in Section 3.

Section 5. Government-wide strategy

    Subsection (a) requires the OMB Director, not later than 
two years after enactment, to develop a government-wide 
strategy to support the adoption of government-wide enterprise 
licenses or to update government procurement policies to 
support the ability of one or more agencies to consolidate and 
streamline software entitlements.
    Subsection (b) requires the OMB Director to publish the 
strategy in the first budget presented to Congress after the 
two-year timeline for development and to provide progress 
updates and agency specific performance metrics related to 
software licensing modernization in the five subsequent 
budgets.

Section 6. GAO report

    This section requires the Comptroller General, within 3 
years of enactment, to provide a report to Congress on agency 
cross comparisons and other government-wide analyses on agency 
software management practices, policies, and procedures 
regarding software licensing modernization.

                   V. EVALUATION OF REGULATORY IMPACT

    Pursuant to the requirements of paragraph 11(b) of rule 
XXVI of the Standing Rules of the Senate, the Committee has 
considered the regulatory impact of this bill and determined 
that the bill will have no regulatory impact within the meaning 
of the rules. The Committee agrees with the Congressional 
Budget Office's statement that the bill contains no 
intergovernmental or private-sector mandates as defined in the 
Unfunded Mandates Reform Act (UMRA) and would impose no costs 
on state, local, or tribal governments.

             VI. CONGRESSIONAL BUDGET OFFICE COST ESTIMATE

                                     U.S. Congress,
                               Congressional Budget Office,
                                  Washington, DC, November 9, 2022.
Hon. Gary C. Peters,
Chairman, Committee on Homeland Security and Governmental Affairs, U.S. 
        Senate, Washington, DC.
    Dear Mr. Chairman: The Congressional Budget Office has 
prepared the enclosed table summarizing estimated budgetary 
effects and mandates information for some of the legislation 
that has been ordered reported by the Senate Committee on 
Homeland Security and Governmental Affairs during the 117th 
Congress.
    If you wish further details, we will be pleased to provide 
them. The CBO staff contact for each estimate is listed on the 
enclosed table.
            Sincerely,
                                         Phillip L. Swagel,
                                                          Director.
    Enclosure.

           SUMMARY ESTIMATES OF LEGISLATION ORDERED REPORTED

    The Congressional Budget Act of 1974 requires the 
Congressional Budget Office, to the extent practicable, to 
prepare estimates of the budgetary effects of legislation 
ordered reported by Congressional authorizing committees. In 
order to provide the Congress with as much information as 
possible, the attached table summarizes information about the 
estimated direct spending and revenue effects of some of the 
legislation that has been ordered reported by the Senate 
Committee on Homeland Security and Governmental Affairs during 
the 117th Congress. The legislation listed in this table 
generally would have small effects, if any, on direct spending 
or revenues, CBO estimates. Where possible, the table also 
provides information about the legislation's estimated effects 
on spending subject to appropriation and on intergovernmental 
and private-sector mandates as defined in the Unfunded Mandates 
Reform Act.

                                                  ESTIMATED BUDGETARY EFFECTS AND MANDATES INFORMATION
--------------------------------------------------------------------------------------------------------------------------------------------------------
                                                                                                                       Increases
                                                               Direct                 Spending Subject   Pay-As-You-   On-Budget
   Bill        Title        Status      Last      Budget     Spending,    Revenues,          to              Go         Deficits    Mandates    Contact
  Number                               Action    Function    2023-2032    2023-2032    Appropriation,    Procedures    Beginning
                                                                                          2023-2027        Apply?       in 2033?
--------------------------------------------------------------------------------------------------------------------------------------------------------
S. 4908    Strengthening  Ordered     09/28/22  800         Between      0            Not estimated     Yes           No           No          Matthew
            Agency         reported                          zero and                                                                           Pickford
            Management                                       $500,000
            and
            Oversight of
            Software
            Assets Act
--------------------------------------------------------------------------------------------------------------------------------------------------------
S. 4908 would direct federal agencies to generate software inventories, assess the software they use, and report that information to the Government
  Accountability Office and the Congress, among others. Upon completion of the assessment, agencies would be directed to develop a plan to consolidate
  software licenses, and the Office of Management and Budget would be required to submit a proposal to develop governmentwide licenses for the most
  widely used and most costly software. CBO estimates that enacting S. 4908 would have an insignificant effect on direct spending and no effect on
  revenues over the 2023-2032 period. CBO has not estimated the discretionary costs of implementing the bill. The bill contains no intergovernmental or
  private-sector mandates as defined in the Unfunded Mandates Reform Act.

       VII. CHANGES IN EXISTING LAW MADE BY THE BILL, AS REPORTED

    This legislation would make no change in existing law, 
within the meaning of clauses (a) and (b) of subparagraph 12 of 
rule XXVI of the Standing Rules of the Senate, because this 
legislation would not repeal or amend any provision of current 
law.

                                  [all]